CVE-2021-28375 log

Source
Severity Medium
Remote No
Type Insufficient validation
Description
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.
Group Package Affected Fixed Severity Status Ticket
AVG-1688 linux-lts 5.10.23-1 5.10.24-1 High Fixed
AVG-1687 linux-hardened 5.11.6.hardened1-1 5.11.7.hardened1-1 High Fixed
AVG-1686 linux-zen 5.11.6.zen1-1 5.11.7.zen1-1 High Fixed
AVG-1685 linux 5.11.6.arch1-1 5.11.7.arch1-1 High Fixed
References
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.11.7&id=2754ab0efc08a9ab6f50d4ad592967db37dd38cc
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.24&id=52feb58f9b5b078b5a39ed8ba8ab3b4546e16ff2